This Metasploit module exploits a lack of authentication and authorization on the InduSoft Web Studio Remote Agent, that allows a remote attacker to write arbitrary files to the filesystem, by abusing the functions provided by the software. The module uses uses the Windows Management Instrumentation service to execute an arbitrary payload on vulnerable installations of InduSoft Web Studio on Windows pre Vista. It has been successfully tested on InduSoft Web Studio 6.1 SP6 over Windows XP SP3 and Windows 2003 SP2.
3fdafb054398a32fb8b23fd92f9caabbc9e00bce705897aaeb32c9f0b57d9a2aWordPress may suffer from a remote command execution vulnerability.
3ddeffcccbff53b5e13af69c322ebfd90f4169d91e4e3de98ef09a1c11e26077Oracle Identity Management suffers from a reflected cross site scripting POST injection vulnerability when parsing user input to the 'username' parameter via POST method thru '/usermanagement/forgotpassword/index.jsp' script. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user's browser session. Version 10.1.4.0.1 is affected.
11ad165297c46531c1bd989c2c880dd5e46fce591848aa84984ee7c5353bca88MyBB suffers from a remote command execution vulnerability.
30b47d3b1bae681546804f1a1f08db38d3c46dc40f935b8f9e6a3cda240cf948XnView versions 1.99 and 1.99.1 suffers from a heap-based buffer overflow vulnerability. Proof of concept JLS file included.
12f75e008d1e820f5810b663abe9e6f03819746e68bc912e53351dc21ea9a32fTemplate CMS version 2.1.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
f8abf37639cf0553f4391d208e25723d53d985a4a7b9cc5ee591c7708a514809phpMyBitTorrent version 2.04 suffers from insecure cache handling, remote file disclosure, local file inclusion, and remote SQL injection vulnerabilities.
25fb87d1faed33e02e6892952db60e041cb9171205e8aec0e9f52fbac8d97fb7PHPTax versions 0.8 and below remote code execution exploit. Written in Python.
86294030fd719aa799ec672577b9d00f4cb5ff09a5e758f0b04271418448dd6aNovell Sentinel Log Manager versions 1.2.0.2 and below allow unauthenticated users the ability to configure data retention policies.
f9550b9bb56838e4a763fd7aac655f16ba5fc20d46d5612b4d11feb17b24ba9dNCMedia Sound Editor Pro version 7.5.1 buffer overflow exploit with SEH and DEP.
4195ae37fdb252cffc6ea369a4e3f28b378fc74c86697f3ab2e437a9b9fbd9c1Omnistar Mailer version 7.2 suffers from remote SQL injection and cross site scripting vulnerabilities.
4acd4c095dc0486626e4864ec1e8379733c7558ab90f31e3149a86a143a9be4fWordPress Spider plugin version 1.0.1 suffers from cross site scripting, HTTP parameter pollution, and remote SQL injection vulnerabilities.
7a9a670b6a5688030b9e4d703e1b8649dda210e799378af153a651c0cc7ef47e23rdweb Studio suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
faa8ba15053d2a2fe7520b5a0f4fdb4ebc54b98f48ecbf3a5c48f7dc56fb72b3This Metasploit module exploits a flaw in the AfdJoinLeaf function of the afd.sys driver to overwrite data in kernel space. An address within the HalDispatchTable is overwritten and when triggered with a call to NtQueryIntervalProfile will execute shellcode. This Metasploit module will elevate itself to SYSTEM, then inject the payload into another SYSTEM process before restoring it's own token to avoid causing system instability.
f6dc1203a74e12170988c31fabd455ab39d26e8231aa917f56967362c0509242phpFreeChat version 1.4 suffers from multiple cross site scripting vulnerabilities.
1b82a33a3e1e68375da09a67b32f8842cbefe9c87c225ad7a5b1c2ad22258452It appears that multiple cross site scripting vulnerabilities were discovered in PayPal.com.
f5239e9a4f5906c6ed51aa1c2f017f03fb91b576f0133a33b8ab8219f2ba8a70ProjectPier versions 0.8.8 and below suffers from a remote shell upload vulnerability.
d1e036a79a1b141620ded93726111ef41fa82aa390f1904f6586e24f31fa9180TP-LINK TD-W8151N 150Mbps wireless N ADSL+2 modem router suffers from a cross site request forgery vulnerability.
427ec14298c7ccdd86476a0829cf8b76602d498105b951c45aba638947ed5cb6Zenphoto version 1.4.3.2 suffers from a cross site scripting vulnerability.
c313654cf06a5459638e4cb26e414198c80c70942da3bd786c488538808104e7PhpTax version 0.8 suffers from a remote code execution vulnerability.
d0d6e0e1685582da24a6399ab9398b69b943a0fb2d14f8839ddf5d959307e3d4Handshakes Professional version 4.1 suffers from a remote SQL injection vulnerability.
35b955a7d870227ad43152ccc8657154fedddb89d144cf08d642e76d7ee49adaDartWebserver.Dll, an HTTP server by Dart Communications, suffers from a stack overflow vulnerability. Versions 1.9 and below are affected. Proof of concept code included.
305223063ea1f05d0ded3e552a5555e23607589feed9ca8044b36a03554ae90fSoapbox version 0.3.1 suffer from a local root code execution vulnerability.
fa6111f3bfe8c24bb8bf372dad0c191f2ae37919333b768bc405657c4799c826IBM Lotus Notes Traveler versions 8.5.3 and below suffer from cross site request forgery, cross site scripting, brute force, and redirection vulnerabilities.
95514a5e1a4429bebd982e1837c3801ea2f7ce55bc98c72e1145cda686b8a99eSites designed by Whereincity.com suffer from a cross site scripting vulnerability. Note that these findings house site-specific data.
b7661ae029838ae5eb7093c71b0d7e534f4fb21e65fbb39f179385cc36701e22
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed